ASP.NET MVC: Authorize action filter
Authorize attribute is used to restrict the access of action method based on role or logged in username. We have to supply comma separated list of user name or role with this attribute name. If user is not logged in then it will redirect it to login page.
Attribute Usage: Controller & method
Sample Code:
[Authorize(Roles = "Admin,Manager")]
public ActionResult Report()
{
return View();
}
In above example, action method can be access by only users of Admin or Manager Role.
Likewise we can also pass comma separated name of users as displayed below.
[Authorize(Users="Nandip,Makwana")]
public ActionResult Report()
{
return View();
}
Check out ASP.NET MVC: Action filter series post to read about other available action filters.
You can follow me on twitter for latest link and update on ASP.NET & MVC.